Senior Analyst, Governance Risk and Compliance
Brooklyn, NY (Rent the Runway HQ)
Applications have closed
Rent the Runway
The premier clothing rental subscription service. Rent and purchase dresses, accessories and more for work, special events and everyday. Memberships from just $89.About Us:
Rent the Runway (RTR) is transforming the way we get dressed by pioneering the world’s first Closet in the Cloud. Founded in 2009, RTR has disrupted the $2.4 trillion fashion industry by inspiring women with a more joyful, sustainable and financially-savvy way to feel their best every day. As the ultimate destination for circular fashion, the brand now offers infinite points of access to its shared closet via a fully customizable subscription to fashion, one-time rental or ownership. RTR offers designer apparel, accessories and home decor from 700+ brand partners and has built in-house proprietary technology and a one-of-a-kind reverse logistics operation. Under CEO and Co-Founder Jennifer Hyman’s leadership, RTR has been named to CNBC’s “Disruptor 50” five times in ten years, and has been placed on Fast Company’s Most Innovative Companies list multiple times, while Hyman herself has been named to the “TIME 100” most influential people in the world and as one of People magazine’s “Women Changing the World.”
About the Job:
The Governance Risk and Compliance Analyst is a position within the team with technology, security risk, and compliance responsibilities across the organization. Working closely with the Director of Governance, Risk and Compliance, this position will be responsible for assessing and testing processes and controls to raise the overall compliance and security posture as well as reduce and mitigate risk levels for RTR. Working across multiple frameworks and regulatory standards including, but not limited to SOX, GDPR, CCPA, PCI-DSS, NIST CSF, etc. This individual will have exposure to all parts of the business including Software Engineering, Finance, Corporate Systems, Operations, Legal, Internal Audit and other stakeholders.
What You’ll Do:
- Work with the Director of Governance Risk and Compliance on an organization-wide IT and information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations
- Responsible for assessing and documenting IT and security risk and compliance based on process and control walkthroughs or testing while working with the Director of Governance, Risk, and Compliance to determine potential solutions that are appropriate for Rent the Runway’s business and system architecture
- Responsible for carrying out internal and 3rd party audits/assessments, as well as facilitate evidence collection
- Responsible for carrying out internal security risk assessments at all levels of the business including assets and third parties
- Interacts with technology-focused teams and business stakeholders to understand risks to critical systems and data by understanding potential business impact of mitigation strategies
About You:
- 4+ years experience in IT and security governance, risk, or compliance functions
- Deep understanding of IT controls at the systems, network, and application level
- Experience in IT general controls audits from test design to remediation
- Understanding of information security domains including web application and cloud security concepts
- Experience conducting risk assessments at organizational, product, asset, and third party levels
- Knowledge of IT risk frameworks such as COBIT
- Knowledge of security and privacy frameworks such as NIST, SOX, PCI, ISO, GDPR, CCPA
- Knowledge of cloud services (IaaS, PaaS, Saas), databases, infrastructure
- Experience working in cross-functional settings including IT, engineering, and business stakeholders
- Excellent interpersonal, communication, and presentation skills, including report writing experience
- Understanding and belief that compliance is never a “one size fits all”
Benefits:
At Rent the Runway, we’re committed to the wellbeing of our employees, and aim to create a workplace that fosters both personal and professional growth. Our inclusive benefits include, but are not limited to:
- Paid Time Off including vacation, paid bereavement, and family sick leave - every employee needs time to take care of themselves and their family.
- Universal Paid Parental Leave for both parents + flexible return to work program - because we know your newest family member(s) deserve your undivided attention.
- Paid Sabbatical after 5 years of continuous service - Unplug, recharge, and have some fun!
- Exclusive employee subscription and rental discounts - to ensure you experience the magic of renting the runway (and give us valued feedback!).
- Comprehensive health, vision, dental, FSA and dependent care from day 1 of employment - Your health comes first and we’ve got you covered.
- 401k match - an investment in your future.
- Company wide events and outings - our team spirit is no joke - we know how to have fun!
- Hybrid Work - when our corporate employees return to the office post COVID they will have the option to work remotely 2-3 days a week, in accordance with Company policies.
COVID-19 VACCINE REQUIREMENT:
RTR is requiring all US corporate employees to be fully vaccinated for COVID-19 in order to work in person, unless an employee requires a reasonable accommodation for medical or religious reasons. If you believe that you may require an accommodation, please apply for any roles that interest you and if hired, you will receive information on how to request a reasonable accommodation after your start date. RTR will evaluate all such requests in accordance with Company policy and applicable law.
Rent the Runway is an equal opportunity employer. In accordance with applicable law, we prohibit discrimination against any applicant or employee based on any legally-recognized basis, including, but not limited to: race, color, religion, sex (including pregnancy, lactation, childbirth or related medical conditions), sexual orientation, gender identity, age (40 and over), national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), veteran status, uniformed service member status or any other status protected by federal, state or local law.
_____________
The anticipated base salary for this position is $90,400 to $113,000. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held. This position is also eligible for equity compensation.
#LI-EM1
Tags: Audits CCPA Cloud COBIT Compliance Finance GDPR Governance IaaS NIST PaaS Privacy Risk assessment SaaS SOX
Perks/benefits: 401(k) matching Career development Equity Flex hours Flex vacation Health care Medical leave Paid sabbatical Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs